gangsta virus..

Hi there and welcome, if you have done what you said above then the next part of the process is attaching the 4 requested logs. Without those, we cannnot assist you in malware removal.

Please get me logs from the below:

• SUPERantispyware
• Malware Bytes
• Combofix <--- C:\Combofix.txt
• MgTools <--- C:\Mglogs.zip

Thanks
Kes

 

Attach the C:\mglogs.zip and another MBAM log showing you fixed what it found as for some I see that you took no action for.

Thanks
Kes

 

Please read this:
HOW TO: Attach Items To Your Post


Attach the zip...not the unpacked files!

 

What are you referring to? All you were asked to do is to attach the C:\MGLogs.zip.

 

You are missing the HJT log and your Runkeys log is empty. Did you get any error messeges when you ran the MGTools.exe? You must make the agreement to the HJT license when you run the program and let to run until it tells you to hit any key.

Let's have you try it again:
run the C:\MGtools\GetLogs.bat file by double clicking on it, let it run to completion. Then attach the new C:\MGlogs.zip file

 

OK....let's try this tact....Please attach the logs from running SAS and Combo.
You can copy regedit form another machine as long as it is the same version.
What happens when you run SAS?

 

Have you tried running either of them in safe mode? Did you try renaming them?

Go to run / type "sfc /scannow" without qoutes and have your xp cd handly. Run it at least twice.

 

Did you get this computer with the current problems? Do you know someone you can borrow their cd from? Must be either the Pro or Home version depending on what you have installed.

When you run the MGTools, you don't get a pop up for HJT?

 

Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

I am not seeing any malware..so let's see what this turns up:
Using BitDefender Online Scan

Using BitDefender Online Scan.

 

Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

 

The directions said to save the log as a txt file (text) and attach it. This tells me only that it found some things, not what it found.

 

What malware problems are you currently having?

 

I am beginning to wonder if this is not a system problem instead of a malware problem.

Let's try doing this:
Download Dr.Web CureIt and save it to your desktop.

• Doubleclick the cureit-beta.exe file and allow to run
• If it prompts you about getting any updates, get the update and then rerun the cureit-beta.exe installation.
• When it finishes you will have a green window with a Start and and Update selection. Click Start
• the Express Scan of your PC window will come up. Click OK to scan main memory to detect infected process in memory.
• If anything is found in memory, click the yes button when it asks you if you want to cure it. This is only a short scan.
• You may see a popup window to Buy or get a discount on the program. Just click the X at the top right to close this popup. The scan will continue.
• Once the short scan is completed, click the Custom Scan radio button. Then Select each of your hard disk drives (that is if you have more than one). A red dot shows which drives have been chosen.
• Click the green arrow at the right under the Dr.Web logo, and the scan will start.
• Click 'Yes to all' if it finds any problems and asks if you want to cure or move the file.
• When the scan has finished, look if you can click next icon next to the files found:
  http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif
• If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
  http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif
• This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
• After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
• Save the report to your desktop. The report will be called DrWeb.csv
• Close Dr.Web Cureit.
• Reboot your computer!! This is necessary because there could be files in use that will be moved or deleted during reboot.
• After reboot, rename the DrWeb.csv file to DrWeb.txt so that it can be uploaded here and then attach the log from Dr.Web to your next reply

 

Good, now please re-run both SAS and MBAM, then run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* SAS
* MBAM
* C:\MGlogs.zip